Create Flow Logs

Create a flow log for all traffic in VPC A and save it to the destination log group NetworkingWorkshopFlowLog.

Create CloudWatch Log group

First, let’s create a CloudWatch Log group to store flow logs in:
1. Navigate to the CloudWatch Console

  1. In the menu on the left, click Log groups under Logs and click Create log group in the top right

  2. Enter NetworkingWorkshopFlowLogsGroup as Log group name and click Create

Create VPC Flow log

  3. In the VPC Dashboard navigate to Your VPCs

  4. Select VPC A, scroll down to the Flow Logs tab and click on Create flow log

  5. In the resulting Flow log settings section

    • Enter NetworkingWorkshopFlowLog in the Name field
    • Set Filter to All
    • Set Maximum aggregation interval to 1 minute
    • Leave Destination as Send to CloudWatch Logs
    • Set Destination log group as NetworkingWorkshopFlowLogsGroup
    • Select NetworkingWorkshopFlowLogsRole from the IAM role dropdown (this IAM role was created by the workshop's base CloudFormation template)

  6. Click on Create flow log

You have completed the setup of the VPC flow logs.
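
To confirm the result, the following added example (not part of the workshop's own material) audits the JSON printed by `aws ec2 describe-flow-logs` against the settings chosen above and reports a failed delivery, which is what you see when the IAM role cannot write to the log group. It assumes the console's Name field is stored as a `Name` tag; the function name, IDs and account number are constructed placeholders.

```python
import json

# Settings chosen in the console steps above.
EXPECTED = {
    "TrafficType": "ALL",
    "MaxAggregationInterval": 60,  # "1 minute" in the console, reported in seconds
    "LogDestinationType": "cloud-watch-logs",
    "LogGroupName": "NetworkingWorkshopFlowLogsGroup",
}
ROLE_NAME = "NetworkingWorkshopFlowLogsRole"


def audit_flow_log(describe_output, name="NetworkingWorkshopFlowLog"):
    """Return findings for the flow log tagged Name=<name>; an empty list means it matches."""
    logs = json.loads(describe_output).get("FlowLogs", [])
    # Assumption: the Name entered in the console is stored as a "Name" tag.
    match = [fl for fl in logs
             if any(t.get("Key") == "Name" and t.get("Value") == name
                    for t in fl.get("Tags", []))]
    if not match:
        return [f"no flow log tagged Name={name}"]
    fl = match[0]
    findings = [f"{key}: expected {want!r}, got {fl.get(key)!r}"
                for key, want in EXPECTED.items() if fl.get(key) != want]
    if fl.get("DeliverLogsPermissionArn", "").split("/")[-1] != ROLE_NAME:
        findings.append(f"IAM role is not {ROLE_NAME}")
    if fl.get("FlowLogStatus") != "ACTIVE":
        findings.append(f"FlowLogStatus is {fl.get('FlowLogStatus')!r}")
    # A FAILED delivery status means no records are reaching the log group.
    if fl.get("DeliverLogsStatus") == "FAILED":
        findings.append("delivery failed: " + fl.get("DeliverLogsErrorMessage", "no message"))
    return findings


# Constructed sample responses (placeholder IDs and account number).
_BASE = {
    "FlowLogId": "fl-0123456789abcdef0", "ResourceId": "vpc-0123456789abcdef0",
    "FlowLogStatus": "ACTIVE", "DeliverLogsStatus": "SUCCESS",
    "DeliverLogsPermissionArn": "arn:aws:iam::123456789012:role/" + ROLE_NAME,
    "Tags": [{"Key": "Name", "Value": "NetworkingWorkshopFlowLog"}], **EXPECTED,
}
GOOD = json.dumps({"FlowLogs": [_BASE]})
BAD = json.dumps({"FlowLogs": [{**_BASE, "TrafficType": "REJECT",
                                "MaxAggregationInterval": 600,
                                "DeliverLogsStatus": "FAILED",
                                "DeliverLogsErrorMessage": "Access error"}]})

if __name__ == "__main__":
    for label, sample in (("good", GOOD), ("bad", BAD)):
        print(label, audit_flow_log(sample) or "matches the workshop settings")
```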